This policy explains what personal data we collect, how we use and manage it and the rights you have in relation to your personal data. Before you provide us with any personal data or browse our web site, we recommend you read through this policy in full and make sure that you are comfortable with our privacy practices. By using our site and by disclosing your data to us, you consent to the collection, storage, processing, use and disclosure of your data by us described in this privacy statement.
Personal data is defined as information concerning any living person (a natural person who hereafter will be called the data subject) that is not already in the public domain. The General Data Protection Regulation (GDPR) seeks to protect and enhance the rights of data subjects. These rights cover the safeguarding of personal data, protection against the unlawful processing of personal data and the unrestricted movement of personal data within the EU.
Capital ISS is committed to protecting all personal data provided to Capital ISS, whether by individuals with whom we do business, visitors to and users of our web site or otherwise.
We respect the privacy of all visitors to our site. We do not collect information that would personally identify you unless you choose to provide it. We do not save personal information to use for other purposes, nor do we provide it to any other parties other than to fulfil our contract with you or meet our legal requirements.
Links to third party sites
We currently have no links to other sites
Legal basis for processing your personal data
The legal basis for Capital ISS collecting and using your personal data will typically be one of the following:
- With your consent, which can be withdrawn at any time
- In the performance of a contract
- In compliance with our legal obligations
- Where necessary to protect the vital interests of a person
- Where necessary for the performance of a task carried out in the public interest
- Based on our legitimate business interests (except where those interests are overridden by the interests or rights and freedoms of the data subject)
Whose personal data do we collect
Capital ISS collects personal data from a range of individuals in the context of its business activities, including:
- Customers and potential customers
- Users of our website
- Individuals who contact us by any means
- Job applicants
How we collect your personal data
We obtain personal data which you knowingly and voluntary disclose to us, both in an online and offline context. We collect personal data when you:
- Visit our web site and/or complete one of our web forms
- Contact our offices for seeking information regarding a product and or a service.
- Visit our premises
- Submit an order to us
What personal data we collect
We collect a range of personal data from you in a business context, for example:
- name, gender, email address, postal, delivery address, photographic identification.
How we use your personal data
- To pay for services that you have requested from us
- To provide you with an email newsletter, to which you can unsubscribe
- To provide an alert service
- To monitor our premises
- To correspond with you
- To manage our everyday business needs
- To apply for a job with us
- To attend one of our events
- To provide professional services to you
Who we share your personal data with
Capital ISS will share your personal data with people within Capital ISS, who have a need to know that data for business or legal issues, for example, to carry out an administrative function such as processing an order, processing an invoice, or direct a query you have submitted.
We may disclose your personal data to third parties including:
- The authorities,
- Third parties engaged by Capital ISS for the purposes of providing services requested by you
- For the purposes of seeking legal and/or professional advice,
- To respond to a legal request or comply with a legal obligation.
We will never sell your information
Under certain circumstances Capital ISS will disclose personal data to law enforcement without the consent of the data subject, however our data controller will ensure the request is legitimate, seeking assistance from senior management and the company’s legal advisors where necessary.
Controlling your personal information
You may choose to restrict the collection or use of your personal information in the following ways:
- If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at firstname.lastname@example.org
- If you believe that any information we are holding on you is incorrect or incomplete, please email us soon as possible, at the above address. We will promptly correct any information found to be incorrect.
Securing your data/ Data storage
Capital ISS secures your personal data from unauthorised access, use, or disclosure. The data is retained either on paper or electronically.
We endeavour to use appropriate technical and physical security measures to protect your personal data which is transmitted, stored, or otherwise processed by us, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to. Our service providers are also selected carefully and required to use appropriate protective measures.
As effective as modern security practices are, no physical or electronic security system is entirely secure. The transmission of information via the internet is not completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted to our site. Any transmission of data is at your own risk. Once we receive your data, we will use appropriate security measures to seek to prevent unauthorised access.
We will continue to revise policies and implement additional security features as new technologies become available.
If there is an interception or unauthorised access to your personal data, we will not be liable or responsible for any resulting misuse of your personal information.
Your personal data is not kept for longer than is necessary for the purposes for which it is collected. This means that paper records are shredded, and electronic records are erased from our systems when no longer required.
Your rights as a data subject
At any point, you have the following rights:
- Right of access – you may request a copy of the information that we hold about you
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete
- Right to be forgotten – in certain circumstances you may ask for the data we hold about you to be erased from our records
- Right to restriction of processing
- Right of portability
- Right to object to the use of your personal data
- Right to freedom from automated decision making
Transferring personal data abroad
Capital ISS will not transfer data outside the EEU without first referring to our legal advisors and the office of the data protection commissioner.
Our data access request policy and procedure
At Capital ISS your privacy and data protection rights are very important to us. This document outlines Capital ISS’s access request policy to help you with a request made under the provisions of the data protection acts.
Requests can arise as follows:
- Establish existence of personal data (section 3, data protection acts)
- Right to receive a copy of personal data (section 4 of the data protection acts)
Section 3 requests
Under section 3 of the Data Protection Acts you may write to us asking whether we keep any personal data on you and where we hold such personal data. We shall respond within 21 days of receipt of the request, giving you a description of the data, we hold on you and the purposes for which it is kept.
You do not have to pay a fee for making a request. Please make your request in writing to us at- Data Protection Co-ordinator, Capital ISS Ltd, Unit C 5 Santry Business Park, Santry, Dublin 9, stating that you are making your request under section 3 of the Data Protection Acts. (please note that we may require you to provide us with satisfactory evidence of your identity and address).
We do not accept section 3 requests via telephone, e-mail, or text message.
Section 4 requests
Under section 4 of the Data Protection Acts, you may receive a copy of your personal data held by Capital ISS upon written request, subject to payment of a fee of €6.35.
Procedure to be followed relating to section 4 requests
Your request could read as follows:
I wish to make an access request under Article 15 of the General Data Protection Regulation (GDPR) for a copy of any information you keep about me, on computer or in manual form in relation to…
(Please be as specific as possible in relation to the personal data you wish to access).
relation to the personal data you wish to access).
- Complete, sign, and date the letter and be specific as possible about the information you wish to access
- Attach a photocopy of your proof of identity and address to the access request form
- Enclose a cheque or postal order payable to Capital ISS in the amount of €6.35.
- Post the access request to – Data Protection Co-ordinator, Capital ISS, unit C5, Santry Business Park, Santry Dublin 9
- Please note that we reserve the right not to process and release data requested where you have not complied with the requirements of section 4 of the Data Protection Acts, including where:
- You have not paid the prescribed fee of €6.35. All payments should be made by cheque or postal money order made payable to Capital
- Your request is not made in writing. We do not accept access request via telephone, email or text message.
Responding to your access request under section 4 of the Data Protection Acts
Once we have received your fully completed access request form, your proof of identity and address, and the prescribed fee, we shall respond to you within the statutory period of forty (40) days.
If you are not satisfied with the outcome of your access request, you are entitled to make a complaint to the Data Protection Commissioner who may investigate the matter for you.
Overall responsibility for ensuring compliance with requests made under the Data Protection Acts rests with Capital ISS. However, our responsibility varies depending upon whether we are acting as either a Data Controller or a Data Processor.
All employees and contractors of Capital ISS who separately collect, control, or process the content and use of personal data are individually responsible for compliance with the Data Protection Acts.
How to raise a concern with the Data Protection Commissioner
Follow the process as outlined at www.dataprotection.ie
We may update this policy from time to time to ensure it stays up to date with the latest legal requirements or to reflect any changes to our privacy management practices. If we make changes, we will notify you by posting a notice on our website.
By agreeing to this privacy notice you are consenting to Capital ISS processing your personal data for the purposes outlined.
Unsubscribe to our communications
You may withdraw consent at any time by emailing info @capitalissgroup.ie or writing to us.
In addition, you may click on the unsubscribe button in any communication that you receive from Capital ISS. This will automatically unsubscribe you from that type of communication. Please be aware that you may continue to receive communications which are already on route to you for a short period of time while your unsubscribe request is being processed.